In recent years, a threat to security due to malicious software (hereinafter referred to as malware) that provides a computer with an unauthorized command has been a social issue. Accordingly, expectations have been raised for a technique for accurately detecting malware getting into a computer so as to eliminate such a threat to security.
As an example of a technique related to the above-mentioned technique, PTL 1 discloses a malware analysis system that receives a malware candidate sample from a firewall, and automatically generates a signature code when it is determined that the sample is malware. This system determines whether or not the malware candidate sample is malware by using various heuristic methods.